Hey All!
Evaluating Untangle to replace pfsense and sophos and I have some vrrp/networking questions.
Testing Setup:
VRRP on External:
1.2.3.101 Untangle 1
1.2.3.102 Untangle 2
1.2.3.100 VRRP Alias
VRRP on Internal:
172.16.4.101 Untangle 1
172.16.4.102 Untangle 2
172.16.4.100 VRRP Alias
#1 - I want outbound nat to use the VRRP alias for all outbound traffic. I added a nat rule that says if source interface is Internal use custom address 1.2.3.100, I have the Internal gateway set to 172.16.4.100, if I do a traceroute out I see 1.2.3.101 or 1.2.3.102 depending if I failover or not, but if I do an curl ifconfig.me from the Internal machine I see the 1.2.3.100 VRRP Alias. Just curious why traceroute wouldn't show the 1.2.3.100 as the next hop vs the physical address of 1.2.3.101/102 depending if I failover or not?
#2 - Is it possible to use the VRRP Alias address for services? I configured wireguard, and by default it used 1.2.3.101 and .102 for the configs. I can change the config on the client to use the 1.2.3.100 VRRP Alias and it works fine, just curious why I can't tell the service to bind/listed/generate the config for the VRRP alias vs the physical unit interface address.